1. Information Lifecycle
    • Classification
    • Categorization
    • Ownership
    • Maintenance
  2. Data Classification Labels
    • Top Secret - loss can cause exceptionally grave damage
    • Secret - loss can cause serious damage
    • Confidential - loss can cause damage
    • Sensitive but Unclassified (SBU) - not classified, but disclosure could still cause harm (e.g. privacy data), so it needs protection
    • Unclassified / Public - no damage if disclosed

    compare to the commercial labels: public, official use only, internal use only, company proprietary
  3. FIPS 199
    Federal standard for categorizing non-national-security (sensitive but unclassified) information and systems

    uses CIA to classify potential impact as low, moderate or high

    limited adverse effect (low); serious adverse effect (moderate); severe or catastrophic adverse effect (high)
  4. Data classification criteria
    • Value
    • Age
    • Useful life
    • Personal association
  5. Data classification process (7)
    • Identify custodian
    • Specify criteria for classification
    • Classify data by its owner
    • Document exceptions
    • Specify controls
    • Specify termination procedures to declassify
    • Create enterprise awareness program
  6. FIPS 199
    Aggregate score of CIA

    Security Category (SC) of an info type = {(confidentiality, impact), (integrity, impact), (availability, impact)}

    Score can be N/A, Low, Moderate, High (N/A is only allowed for confidentiality, e.g. public information)

    Score for a system can never be N/A; the system takes the highest value ("high water mark") of each objective across all the info types it handles
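
    Worked example added to these notes (not part of the original card set): the FIPS 199 categorization rules above as code. An information type may carry N/A only for confidentiality, a system's category is the per-objective high water mark over its information types and is never N/A, and the overall impact level used to pick a control baseline is the highest of the three. The information types, impact values and the `format_sc` helper are constructed for illustration.

```python
# Added example (not from the original notes): FIPS 199 security categorization
# with "high water mark" aggregation from information types up to the system.
# The information types and impact values below are constructed sample data.

LEVELS = {"N/A": 0, "Low": 1, "Moderate": 2, "High": 3}
OBJECTIVES = ("confidentiality", "integrity", "availability")


def categorize_info_type(name, confidentiality, integrity, availability):
    """Build the SC for one information type.

    FIPS 199 allows N/A only for the confidentiality objective (e.g. public
    information); integrity and availability always carry Low/Moderate/High.
    """
    sc = {"confidentiality": confidentiality,
          "integrity": integrity,
          "availability": availability}
    for objective, level in sc.items():
        if level not in LEVELS:
            raise ValueError(f"{name}: unknown impact level {level!r}")
        if level == "N/A" and objective != "confidentiality":
            raise ValueError(f"{name}: N/A is only permitted for confidentiality")
    return sc


def categorize_system(info_types):
    """System SC: per objective, the highest value over all info types it handles.

    A system's SC can never be N/A, so every objective starts at Low.
    """
    system = {objective: "Low" for objective in OBJECTIVES}
    for sc in info_types:
        for objective in OBJECTIVES:
            if LEVELS[sc[objective]] > LEVELS[system[objective]]:
                system[objective] = sc[objective]
    return system


def overall_impact(system_sc):
    """Overall impact level (drives the SP 800-53 baseline): the highest of the three."""
    return max(system_sc.values(), key=LEVELS.__getitem__)


def format_sc(label, sc):
    """Render in the FIPS 199 notation used in the notes."""
    return (f"SC {label} = {{(confidentiality, {sc['confidentiality']}), "
            f"(integrity, {sc['integrity']}), (availability, {sc['availability']})}}")


if __name__ == "__main__":
    # Constructed sample: a web server hosting public content plus an HR payroll feed.
    public_web = categorize_info_type("public web content", "N/A", "Moderate", "Moderate")
    payroll = categorize_info_type("payroll records", "Moderate", "Moderate", "Low")
    system = categorize_system([public_web, payroll])
    print(format_sc("public web content", public_web))
    print(format_sc("payroll records", payroll))
    print(format_sc("system", system))
    print("overall impact level:", overall_impact(system))
```

    Note how the public content's N/A confidentiality does not pull the system down: the system's confidentiality becomes Moderate because of the payroll data, and even a system holding only public information is categorized Low, never N/A.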
  7. Ultimately responsible
    Business owner/mission owner
  8. Data Owner
    • Executive or manager
    • final corporate responsibility for the data
    • Decides how the data is classified and protected, which backups to use, and who can access it; ultimately responsible
  9. System Owner
    • responsible for the system (hardware and software)
    • procurement, development, integration etc.
  10. Custodian
    hands-on responsibilities: patching, backups, routine validation tests, data restoration when necessary, and maintaining the data while following records-retention requirements
  11. User
    routinely uses the information as part of their job
  12. Data Controller
    • organization that creates/manages sensitive data and decides why and how it is processed
    • remains legally responsible for the security of the data when it is handled by any third-party processor
  13. Data processor
    Third-party company that accesses or processes an organization's sensitive data on the controller's behalf
  14. OECD Principle (Data Quality)
    Personal data should be relevant to the purposes for which they are to be used and, to the extent necessary for those purposes, should be accurate, complete and kept up-to-date.
  15. Outlook PST
    personal storage table (archives)
  16. Memory types
    • ROM - read only; non-volatile; e.g. firmware; retained after power down; usually a small amount; holds the boot program / BIOS
    • RAM - random access; volatile; MAIN memory for OS, applications and data
    • DRAM - dynamic RAM; must be refreshed every few milliseconds; cheapest
    • SRAM - static RAM; needs no refresh; very fast; used for cache; smaller amount; expensive
    • CACHE - a small amount of fast RAM (SRAM) that speeds access by storing frequently used information
    • Primary memory - the RAM the CPU addresses directly; holds the instructions and data in use
    • Secondary memory - slower, non-volatile storage (disk, tape)
    • Sequential memory - must be read in order from the beginning, e.g. magnetic tape
  17. ROM Types
    • PROM - programmable ROM (firmware); can only be written once
    • EPROM - erasable (with ultraviolet light) AND programmable
    • EEPROM - electrically erasable and programmable; the basis of flash memory (USB drives, SSDs)
    • PLD - programmable logic device; integrated circuit whose internal logic connections can be changed through a programming process
  18. Types of storage devices
    • Primary
    • Secondary
    • Virtual
    • Write once read many (WORM)
    • Volatile
    • Non-volatile
  19. Types of data removal (3)
    • Clearing - overwriting the media so data can't be recovered with ordinary software/keyboard tools (one or more passes)
    • Purging - stronger; e.g. degaussing magnetic media; data can't be recovered even with laboratory techniques
    • Destruction - physically destroying the media by burning, shredding or crushing
  20. Write amplification
    • The physical writes an SSD performs exceed the logical writes requested: flash is erased in large blocks and the controller relocates data (wear leveling), so the same data may be written multiple times to multiple locations
    • One of the reasons why an SSD (DRAM cache plus NAND flash, a form of EEPROM) can't be reliably "erased" by overwriting; instead use:
    • - ATA Secure Erase (controller-level erase of all cells) OR
    • - Physical destruction

    The TRIM command (supported since Windows 7) only tells the drive which blocks are no longer in use; it does not securely erase an SSD
  21. Provisioning
    Security Baselines and Configuration Management are 2 core principles
  22. Principle of Least Privilege/Minimum Necessary
    Disable or remove anything not needed: a service that isn't running or a privilege that isn't granted can't be exploited; the most reliable general defense against vulnerabilities you don't yet know about
  23. Baseline Security
    lots of security configuration guidelines: CIS Benchmarks, Microsoft Security Guides, NIST SP 800 series, DISA STIGs (Security Technical Implementation Guides)

    Important to ALWAYS test baselines before deployment (a hardened setting can break applications)
  24. Security metrics
    Help an organization understand their threats and vulnerabilities
  25. Continuously monitoring
    Simply monitoring the same flaw repeatedly serves little purpose
  26. Best Practices and standards (3)
    • ISO (27001: requirements for an ISMS, the auditable/certifiable standard; 27002: code of practice, the detailed how-to for controls)
    • NIST
    • IETF
  27. NIST
    • 800-37 (Risk Management Framework)
    • 800-53 (Security Controls catalog); 800-53A (Assessing those controls)
    • 800-34 (Contingency Planning)
    • 800-115 (Security Testing and Assessment)
  28. IETF
    • Internet Engineering Task Force
    • issues RFCs (Request for Comments), the de facto "rules" (standards) for Internet protocols
  29. Australian Signals Directorate Top 4 mitigation strategies (BEST practices; now part of the Essential Eight)
    • application whitelisting
    • patch applications
    • patch operating system vulnerabilities
    • restrict administrative privileges
  30. Tailoring
    adjusting a control baseline to fit the system; includes scoping (dropping controls that don't apply), adding compensating controls, and setting parameters (security configuration settings)
  31. Bell-LaPadula
    • Confidentiality
    • No read up
    • No write down (* property)

    Example: Confidential < Secret < Top Secret (a Secret subject may read Confidential and write to Top Secret, but may not read Top Secret or write to Confidential)

    • Weak Tranquility - labels of subjects and objects never change in a way that violates security
    • Strong Tranquility - labels never change during system operation
  32. Biba
    • Deals with Integrity
    • Opposite of Bell-LaPadula (same structure, rules inverted)

    • No Read Down (simple integrity)
    • No Write Up (Integrity * property)
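
    Worked example added to these notes (not part of the original card set): a minimal reference monitor that applies the Bell-LaPadula rules (no read up, no write down) and the Biba rules (no read down, no write up) from the two cards above, and a label-change check that shows the difference between strong and weak tranquility. The confidentiality levels are the ones from the notes; the Biba integrity levels, the subjects and the objects are constructed.

```python
# Added example (not from the original notes): a minimal reference monitor that
# mediates every access with the Bell-LaPadula and Biba rules. The confidentiality
# levels come from the notes; the integrity levels, subjects and objects are constructed.

CONF_LEVELS = {"Confidential": 1, "Secret": 2, "Top Secret": 3}
INTEG_LEVELS = {"Low": 1, "Medium": 2, "High": 3}   # constructed Biba lattice


def blp_allows(subject_level, object_level, op):
    """Bell-LaPadula (confidentiality).

    read : subject must dominate object      -> no read up (simple security)
    write: object must dominate subject      -> no write down (* property)
    """
    s, o = CONF_LEVELS[subject_level], CONF_LEVELS[object_level]
    if op == "read":
        return s >= o
    if op == "write":
        return s <= o
    raise ValueError(f"unknown operation {op!r}")


def biba_allows(subject_level, object_level, op):
    """Biba (integrity), the mirror image of BLP.

    read : object must dominate subject      -> no read down (simple integrity)
    write: subject must dominate object      -> no write up (integrity * property)
    """
    s, o = INTEG_LEVELS[subject_level], INTEG_LEVELS[object_level]
    if op == "read":
        return s <= o
    if op == "write":
        return s >= o
    raise ValueError(f"unknown operation {op!r}")


def mediate(subject, obj, op):
    """Reference monitor: access is granted only if both models allow it.

    subject and obj are dicts carrying a "conf" and an "integ" label.
    """
    return (blp_allows(subject["conf"], obj["conf"], op)
            and biba_allows(subject["integ"], obj["integ"], op))


def relabel(obj, new_conf, granted, policy="weak"):
    """Tranquility. Strong: labels never change while the system runs.
    Weak: the change is allowed only if no access already granted on this
    object (a list of (subject, op)) would violate BLP under the new label.
    Returns True if the label was changed."""
    if policy == "strong":
        return False
    for subject, op in granted:
        if not blp_allows(subject["conf"], new_conf, op):
            return False
    obj["conf"] = new_conf
    return True


if __name__ == "__main__":
    analyst = {"conf": "Secret", "integ": "High"}      # constructed subject
    memo = {"conf": "Confidential", "integ": "Low"}    # constructed object
    print("BLP read down :", blp_allows("Secret", "Confidential", "read"))   # True
    print("BLP write down:", blp_allows("Secret", "Confidential", "write"))  # False
    print("Biba read down:", biba_allows("High", "Low", "read"))             # False
    print("both models   :", mediate(analyst, memo, "read"))                 # False
```

    The last line is the point of running both models together: BLP is happy for a Secret analyst to read a Confidential memo, but Biba refuses because a high-integrity subject would be consuming low-integrity input.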

  33. Model Hint
    All models for Integrity have an I in them.......Biba, Clark-Wilson, Non-Interference, Chinese Wall

    All BIBA rules have Integrity in their names (simple integrity, integrity * property)
  34. Lattice
    Every subject and object has a security label; for any two labels the lattice defines a least upper bound and a greatest lower bound, which determine the allowed direction of information flow

    Represented as a graph with directed arrows or with an access matrix
  35. Clark-Wilson
    • Integrity
    • Well-formed transactions and separation of duties
    • Application oriented as opposed to general (like BLP or Biba)
    • Subjects reach constrained data items (CDIs) only through certified transformation procedures (TPs); integrity verification procedures (IVPs) confirm the CDIs are in a valid state; access triple = (subject, TP, CDI)

    Dash (the hyphen in Clark-Wilson) is the memory hook for separation of duties

    • Focused on commercial applications
    • Unauthorized users cannot make changes; authorized users cannot make unauthorized changes
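
    Worked example added to these notes (not part of the original card set): Clark-Wilson enforcement in code. Users never touch the CDIs directly; they run certified TPs that the monitor wraps in a well-formed transaction (IVP before, IVP after, roll back on failure), and separation of duties stops the user who certified a TP from also executing it. The ledger, the `transfer` TP, the IVP and the user names are constructed for illustration.

```python
# Added example (not from the original notes): Clark-Wilson style integrity enforcement.
# Constrained data items (CDIs) change only through certified transformation
# procedures (TPs), an integrity verification procedure (IVP) checks the CDIs before
# and after, and separation of duties forbids a user from running a TP they certified.
# The ledger, the "transfer" TP and the user names are constructed for illustration.


class IntegrityViolation(Exception):
    pass


class ClarkWilsonSystem:
    def __init__(self, ivp):
        self.cdis = {}        # name -> value; users never touch these directly
        self.tps = {}         # TP name -> (function, certifying user)
        self.triples = set()  # access triples (user, TP); the TP fixes which CDIs it touches
        self.ivp = ivp        # callable(cdis) -> bool
        self.log = []         # audit trail of well-formed transactions

    def add_cdi(self, name, value):
        self.cdis[name] = value

    def certify_tp(self, name, func, certifier):
        """A TP must be certified before any user may run it."""
        self.tps[name] = (func, certifier)

    def authorize(self, user, tp_name):
        """Grant the (user, TP) access triple."""
        self.triples.add((user, tp_name))

    def execute(self, user, tp_name, *args):
        """Run a TP as a well-formed transaction: all-or-nothing and IVP-checked."""
        if tp_name not in self.tps:
            raise PermissionError(f"{tp_name}: not a certified TP")
        func, certifier = self.tps[tp_name]
        if (user, tp_name) not in self.triples:
            raise PermissionError(f"{user}: no access triple for {tp_name}")
        if user == certifier:
            raise PermissionError(f"{user} certified {tp_name}: separation of duties")
        if not self.ivp(self.cdis):
            raise IntegrityViolation("CDIs invalid before transaction")
        snapshot = dict(self.cdis)
        func(self.cdis, *args)
        if not self.ivp(self.cdis):
            self.cdis = snapshot          # roll back: the TP did not yield a valid state
            raise IntegrityViolation(f"{tp_name}{args} would leave CDIs invalid; rolled back")
        self.log.append((user, tp_name, args))
        return dict(self.cdis)


# Constructed TP: move money between two ledger accounts.
def transfer(cdis, src, dst, amount):
    cdis[src] -= amount
    cdis[dst] += amount


def build_ledger():
    """Constructed sample: two accounts whose total must stay 150 and never go negative."""
    def ledger_ivp(cdis):
        return all(v >= 0 for v in cdis.values()) and sum(cdis.values()) == 150

    system = ClarkWilsonSystem(ledger_ivp)
    system.add_cdi("acct_a", 100)
    system.add_cdi("acct_b", 50)
    system.certify_tp("transfer", transfer, certifier="bob")   # bob certifies the TP
    system.authorize("alice", "transfer")                      # alice may run it
    system.authorize("bob", "transfer")                        # granted, but SoD blocks bob
    return system


if __name__ == "__main__":
    ledger = build_ledger()
    print(ledger.execute("alice", "transfer", "acct_a", "acct_b", 30))
    for user, args in (("alice", ("acct_a", "acct_b", 500)), ("bob", ("acct_a", "acct_b", 1))):
        try:
            ledger.execute(user, "transfer", *args)
        except (IntegrityViolation, PermissionError) as e:
            print("denied:", e)
```

    The overdraft attempt is the "authorized users cannot make unauthorized changes" case: alice holds the access triple, but the post-transaction IVP fails, so the change is rolled back and never reaches the audit log.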
  36. State machine
    Policy dictates secure state changes
  37. Research models
    Noninterference - actions of high-level (e.g. classified) subjects must not affect what low-level subjects can observe, so nothing leaks through shared state or timing

    Information flow - Objects are labeled and in the form of a lattice
  38. Access Control Matrix
    • Rights such as read, write and execute
    • Subject: active entity (person, program or process)
    • Object: passive file or storage resource
    • Columns are called Access Control Lists (ACLs): per object, which subjects have which rights
    • Rows are called capability lists: per subject, which objects it may access and how

    A subject's capability is an unforgeable token defined by the triple (object, rights, random #)
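
    Worked example added to these notes (not part of the original card set): an access control matrix with its two projections, the ACL as a column and the capability list as a row, plus capabilities minted as (object, rights, random #) triples that the monitor only honors if it issued them. The subjects, objects and rights are constructed.

```python
# Added example (not from the original notes): an access control matrix with its two
# projections (ACL = column, capability list = row) and capabilities issued as
# (object, rights, random #) triples. Subjects, objects and rights are constructed.
import secrets


class AccessMatrix:
    def __init__(self):
        self.rows = {}       # subject -> {object -> set(rights)}
        self.issued = set()  # capability triples this monitor handed out

    def grant(self, subject, obj, rights):
        self.rows.setdefault(subject, {}).setdefault(obj, set()).update(rights)

    def revoke(self, subject, obj, rights):
        self.rows.get(subject, {}).get(obj, set()).difference_update(rights)

    def check(self, subject, obj, right):
        """Direct matrix lookup: does cell [subject, object] contain the right?"""
        return right in self.rows.get(subject, {}).get(obj, set())

    def acl(self, obj):
        """Column: for one object, which subjects hold which rights."""
        return {s: sorted(objs[obj]) for s, objs in self.rows.items() if objs.get(obj)}

    def capability_list(self, subject):
        """Row: for one subject, which objects it may access and how."""
        return {o: sorted(r) for o, r in self.rows.get(subject, {}).items() if r}

    def issue_capability(self, subject, obj):
        """Mint an unforgeable capability (object, rights, random #) from the subject's row."""
        rights = frozenset(self.rows.get(subject, {}).get(obj, set()))
        cap = (obj, rights, secrets.token_hex(16))
        self.issued.add(cap)
        return cap

    def use_capability(self, cap, right):
        """Honor only capabilities this monitor issued; the random # defeats guessing and tampering."""
        return cap in self.issued and right in cap[1]


def build_matrix():
    """Constructed sample matrix."""
    m = AccessMatrix()
    m.grant("alice", "payroll.db", {"read", "write"})
    m.grant("bob", "payroll.db", {"read"})
    m.grant("alice", "report.exe", {"execute"})
    return m


if __name__ == "__main__":
    m = build_matrix()
    print("ACL for payroll.db   :", m.acl("payroll.db"))
    print("capabilities of alice:", m.capability_list("alice"))
    cap = m.issue_capability("bob", "payroll.db")
    print("bob reads via cap    :", m.use_capability(cap, "read"))
    forged = (cap[0], frozenset({"read", "write"}), cap[2])   # rights field tampered with
    print("forged cap accepted  :", m.use_capability(forged, "write"))
```

    One caveat the matrix view makes visible: `revoke` edits the matrix (and therefore the ACL) immediately, but a capability already issued to bob keeps working until the monitor also drops it from `issued`; revocation is the classic weakness of capability lists compared with ACLs.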
  39. Chinese Wall
    • Usually grouped with the integrity models; the concern is Conflict of Interest
    • Once a subject accesses one company's data, access to competitors' data in the same conflict class is denied; access rights change dynamically with the subject's history
    • Brewer and Nash
  40. Trusted Computing Base
    • Security relevant parts of a system include:
    • - access control mechanisms
    • - reference monitor
    • - the kernel
    • - protective mechanisms
  41. Security Kernel
    the hardware, firmware and software elements of the TCB that implement the reference monitor concept; the central part of the system that enforces the fundamental security rules
  42. Reference monitor concept
    access control concept that mediates all access to all objects by subjects
  43. Reference monitor
    • system component that enforces access controls on every access to an object
    • assures secrecy and integrity
  44. Domains
    • set of objects
    • separated by rings, base address registers or segmentation descriptors
  45. TCSEC (The Orange Book)
    • Trusted Computer System Evaluation Criteria (US DoD)
    • part of the rainbow series

    • 4 divisions (highest to lowest):
    • A: verified protection
    • B: mandatory protection
    • C: discretionary protection
    • D: minimal protection
  46. ITSEC
    • European criteria; less rigid than the Orange Book
    • Evaluates Functionality (F) and Assurance (E) separately

    • 10 Functionality classes (F-C1, F-C2, F-B1, F-B2, F-B3 mirror TCSEC; F-IN, F-AV, F-DI, F-DC, F-DX add integrity, availability, data integrity, confidentiality and network requirements)
    • E0 thru E6 Assurance Levels
  47. Common Criteria (ISO/IEC 15408)
    • Evaluation Assurance Level applied to a product (the Target of Evaluation) rather than a whole system
    • EAL1 thru EAL7
    • 1: Functionally tested
    • 7: Formally verified design and tested

    • Terms:
    • Target of Evaluation (TOE) - the product being evaluated
    • Security Target (ST) - the vendor's claims about the TOE's security functions
    • Protection Profile (PP) - the customers' security requirements for a class of products
    • Evaluation Assurance Level (EAL) - the depth and rigor of the evaluation
  48. CPU
    • control unit PLUS arithmetic logic unit (ALU) PLUS registers
    • works with primary storage (main memory), which holds the instructions and data being processed
  49. Instruction cycle
    • Fetch, decode and execute
    • controlled by CPU clock cycles
  50. CISC
    • Complex Instruction Set
    • many operations per instruction
smaller set